The ransomware that drove last year's boom in file-encrypting malware is back, and this time it's even harder to detect.

Ransomware cost its victims some $1bn during 2016, with Locky one of the most widespread variants, infecting organisations across the globe.

However, the start of 2017 saw a sudden decline in the distribution of Locky, to such an extent that another form of ransomware -- Cerber -- has usurped Locky's dominance.

But after being all but written off, Locky is staging a comeback. Cybersecurity researchers at Cisco Talos have observed a surge in emails distributing Locky, with over 35 thousand emails sent in just a few hours. This surge in distribution is being attributed to the Necurs botnet, which until recently focused on spamming pump-and-dump stockmarket scams.